Actually, look at it this way: keep going with my earlier 'not your PC not your DATA' statement.

It might not have even been someone at that company. A lot of places use external MSPs for things.
It's a somewhat simple task for most of the software that is placed on corporate PCs for monitoring / remote service and things to generate an alert when something happens / someone goes to a specific site and so on.

So if it's an external 3rd party that has access for legitimate reasons, and one of their staff has setup and alert to send an email to them when users go to a specific site and then record all actions done then, they could easily get 5 private keys from 5 people in different parts of the world. Then you delete the alert and data as part of the 'monthly database clean' or whatever and tan you take the BTC and run.

Now 5 people who never met each other, some of them who do not even know what the name of the MSP their company uses is have missing coins.
Good luck tracking that down.

In theory figuring it out is very simple. Since the MSP is the common link. In reality since if they did it with a bit of thought, everyone worked for a different company and every company has a no private work on the work PC it's even better. Do you eat the loss or report it and risk loosing your job.

-Dave